Existing tools and use cases

For example, a template can provide checks/hints/defaults s.a. those defined by the OWASP Enterprise Security API :- something equivalent to a generated logging session ID, or a hashed value of the session ID so they can track session specific events without risking the exposure of a live session's ID- identity of the user that caused the event- description of the event (supplied by the caller)- whether the event succeeded or failed (indicated by the caller)- severity level of the event (indicated by the caller)- that this is a security relevant event (indicated by the caller)- hostname or IP where the event occurred (and ideally the user's source IP as well)- a time stamp

Adding a plugin for parsing custom application logs is as easy as finding the correct regular expression provided that developers included all relevant information in the log message and that they have done so in a consistent way.

You can refer to the OSSIM database model to see what data is stored for events.

5) Implement scripts for filtering/scrubbing logs in order to enable log data sharing between organizationsGoal: information sharing around security eventsCustom logger implementations based on the OWASP ESAPI might also filter out any sensitive data specific to the current application or organization, such as credit cards, social security numbers etc.

Feedback and Participation:

We hope you find the OWASP Logging Project useful. Please contribute to the Project by volunteering for one of the Tasks, sending your comments, questions, and suggestions. To join the OWASP Logging Project mailing list or view the archives, please visit the subscription page.

Project Identification

PROJECT INFOWhat does this OWASP project offer you?

RELEASE(S) INFOWhat does this OWASP project release offer you?

what

is this project?

OWASP Logging Project

Purpose: The goals of this project are:

Provide tools for software developers in order to help them define and provide meaningful logs